这是一个用于解密GQUIC协议Q043版本数据包的工具,基于gquiche实现,解密数据包的部分在gquiche/quic/proto_test
目录下。
该工具目前只是一个demo玩具,可能会存在或多或少的BUG。详细请参考这篇介绍文章一种对QUIC协议的抓包方案(拿某知名APP练手)
- 安装下列依赖库
apt-get install cmake build-essential protobuf-compiler libprotobuf-dev golang-go libunwind-dev libicu-dev
- 编译安装pcap pp库
- 拉取源码
git clone https://github.com/aazhuliang/GQUIC_043_decrypt.git
git submodule update --init
mkdir build && cd build
cmkae -DPCAPPP_INCLUDE_DIRS=xxx -DPCAPPP_LIBRARY_DIRS=xxx ..
make -jx
先修改config.h中的配置项
./quic_proto_test
python3 decode.py
- A sample quic server and client implementation are provided in quiche. To use these you should build the binaries.
cd build
make simple_quic_server simple_quic_client
cd -
- Download a copy of www.example.org, which we will serve locally using the simple_quic_server binary.
mkdir -p /data/quic-root
wget -p --save-headers https://www.example.org -P /data/quic-root
- In order to run the simple_quic_server, you will need a valid certificate, and a private key is pkcs8 format. If you don't have one, there are scripts to generate them.
cd utils
./generate-certs.sh
mkdir -p /data/quic-cert
mv ./out/* /data/quic-cert/
cd -
- Run the quic server
./build/simple_quic_server \
--quic_response_cache_dir=/data/quic-root/ \
--certificate_file=/data/quic-cert/leaf_cert.pem \
--key_file=/data/quic-cert/leaf_cert.pkcs8
- Request the file with quic client
./build/simple_quic_client \
--disable_certificate_verification=true \
--host=127.0.0.1 --port=6121 \
"https://www.example.org/index.html"
You can also use chormium-based browsers to access simple_quic_server at 127.0.0.1:6121
, and check the request/response protocol by DevTools -> Network panel.